FDA Recalls Defective iOS App That Injured Over 200 Insulin Pump Users

Jess Weatherbed reports via The Verge: At least 224 people with diabetes have reported injuries linked to a defective iOS app that caused their insulin pumps to shut down prematurely, according to the US Food and Drug Administration (FDA). On Wednesday, the agency announced that California-based medical device manufacturer Tandem Diabetes Care has issued a recall for version 2.7 of the iOS t:connect mobile app, which is used in conjunction with the company’s t:slim X2 insulin pump. Specifically, the recall relates to a software issue that can cause the app to repeatedly crash and relaunch, resulting in the pump’s battery being drained by excessive Bluetooth communication.

This battery drain can cause the pump to shut down “earlier than typically expected” according to Tandem, though the pump will notify users of an imminent shutdown via an alarm and low-power alert. The company has notified customers to update the mobile app to version 2.7.1 or later, which should fix the defective software. While no physical recall is taking place, the FDA has identified this as a “Class I” recall — the most serious type, as it relates to issues with products that can potentially cause serious injuries or death. No deaths linked to the issues have been reported as of April 15th. Tandem is encouraging pump users to take particular care when they sleep as it’s easier to miss battery depletion warnings, and is asking impacted customers to confirm they have been notified of the recall via this online form. For any other questions or concerns about the insulin pump recall, customers should contact Tandem Diabetes Care directly.

Read more of this story at Slashdot.

Dell Makes Return-To-Office Push With VPN, Badge Tracking

Dell is making sure its employees follow the company’s updated return-to-office policy through a series of new tracking techniques. According to The Register, Dell will track employees’ badge swipes and VPN connections and include a color-coded attendance grading system that summarizes employee presence.

“In the latest Jeff Clarke return-to-grade-school initiative, HR will be keeping an attendance report card on employees, grading them at four levels based on how well they meet the goal of being in the office 39 days a quarter,” a source familiar with Dell told The Register, referring to the IT giant’s chief operating officer. “Employees who do not meet the attendance requirement will have their status escalated up the ladder to Jeff Clarke, who apparently believes that being a hall monitor trumps growing revenue.” From the report: Starting next Monday, May 13, the enterprise hardware slinger plans to make weekly site visit data from its badge tracking available to employees through the corporation’s human capital management software and to give them color-coded ratings that summarize their status. Those ratings are: Blue flag indicates “consistent onsite presence”; Green flag indicates “regular onsite presence”; Yellow flag indicates “some onsite presence”; Red flag indicates “limited onsite presence”.

A second Dell source explained managers aren’t on the same page about the consequences of the color tiers, with some bosses suggesting employees want to remain Blue at all times and others indicating there’s more leeway and they could put up with a few red flags. “It’s a shit show here,” we’re told. […] “Dell is tracking badge-ins and VPN connections to ensure employees are onsite when they claim they are (to deter ‘coffee badging’ or scanning your badge then going immediately home),” a third source told us. “This is likely in response to the official numbers about how many of our staff members chose to remain remote after the RTO mandate.” […]

We’re told that the goal of the worker tracking appears to be workforce attrition. “The problem is the market is soft right now for tech,” our second source said, pointing to recent AWS job cuts. “Everyone is laying off.” This person anticipates further Dell layoffs over the summer, though no dates have been set. Our third source indicated that the onsite tracking policy seems unusually aggressive for Dell. “Even pre-pandemic, they never pushed or pressured folks to be in the office,” this person said. “A common phrase used to be ‘Work happens where you make it,’ with the office often being a ghost town multiple times a week, or after lunch, or pre-holidays.” Dell in February reported fiscal year 2024 revenue of $88.4 billion, down 14 percent from 2023, and profits of $3.2 billion.

Google Will Exit Prominent San Francisco Waterfront Office Tower

Google announced on Tuesday that it will be exiting One Market Plaza, a prominent office complex in San Francisco that it had been occupying since 2018. The company’s lease for the 300,000-square-foot office will expire next April. The San Francisco Chronicle reports: Many of Google’s employees are already working outside of the giant waterfront office, in light of the company’s flexible approach to office attendance. As one of the city’s largest office properties and a prominent feature on its skyline, the 1.6-million-square-foot One Market Plaza complex features two high-rise towers and an 11-story office annex building known as the Landmark. Ryan Lamont, a spokesperson for Google, said the company will be moving out of One Market’s Spear Tower, but will continue to occupy the smaller Landmark building. He declined to comment on how long Google plans to remain in the latter. “As we’ve said before, we’re focused on investing in real estate efficiently to meet the current and future needs of our hybrid workforce,” Lamont said in an email to the Chronicle. “We remain committed to our long-term presence in San Francisco.”

Real estate market participants who spoke with the Chronicle indicated that Google plans to consolidate much of its operations from One Market to nearby 345 Spear St., where the company leases about 400,000 square feet. These individuals said that Google will likely renew its lease at that property once it expires next year.

Study Suggests Genetics as a Cause, Not Just a Risk, for Some Alzheimer’s

Pam Belluck reports via the New York Times: Scientists are proposing a new way of understanding the genetics of Alzheimer’s that would mean that up to a fifth of patients would be considered to have a genetically caused form of the disease. Currently, the vast majority of Alzheimer’s cases do not have a clearly identified cause. The new designation, proposed in a study published Monday, could broaden the scope of efforts to develop treatments, including gene therapy, and affect the design of clinical trials. It could also mean that hundreds of thousands of people in the United States alone could, if they chose, receive a diagnosis of Alzheimer’s before developing any symptoms of cognitive decline, although there currently are no treatments for people at that stage. The new classification would make this type of Alzheimer’s one of the most common genetic disorders in the world, medical experts said.

“This reconceptualization that we’re proposing affects not a small minority of people,” said Dr. Juan Fortea, an author of the study and the director of the Sant Pau Memory Unit in Barcelona, Spain. “Sometimes we say that we don’t know the cause of Alzheimer’s disease,” but, he said, this would mean that about 15 to 20 percent of cases “can be tracked back to a cause, and the cause is in the genes.” The idea involves a gene variant called APOE4. Scientists have long known that inheriting one copy of the variant increases the risk of developing Alzheimer’s, and that people with two copies, inherited from each parent, have vastly increased risk.

The new study, published in the journal Nature Medicine, analyzed data from over 500 people with two copies of APOE4, a significantly larger pool than in previous studies. The researchers found that almost all of those patients developed the biological pathology of Alzheimer’s, and the authors say that two copies of APOE4 should now be considered a cause of Alzheimer’s — not simply a risk factor. The patients also developed Alzheimer’s pathology relatively young, the study found. By age 55, over 95 percent had biological markers associated with the disease. By 65, almost all had abnormal levels of a protein called amyloid that forms plaques in the brain, a hallmark of Alzheimer’s. And many started developing symptoms of cognitive decline at age 65, younger than most people without the APOE4 variant.

OpenAI Exec Says Today’s ChatGPT Will Be ‘Laughably Bad’ In 12 Months

At the 27th annual Milken Institute Global Conference on Monday, OpenAI COO Brad Lightcap said today’s ChatGPT chatbot “will be laughably bad” compared to what it’ll be capable of a year from now. “We think we’re going to move toward a world where they’re much more capable,” he added. Business Insider reports: Lightcap says large language models, which people use to help do their jobs and meet their personal goals, will soon be able to take on “more complex work.” He adds that AI will have more of a “system relationship” with users, meaning the technology will serve as a “great teammate” that can assist users on “any given problem.” “That’s going to be a different way of using software,” the OpenAI exec said on the panel regarding AI’s foreseeable capabilities.

In light of his predictions, Lightcap acknowledges that it can be tough for people to “really understand” and “internalize” what a world with robot assistants would look like. But in the next decade, the COO believes talking to an AI like you would with a friend, teammate, or project collaborator will be the new norm. “I think that’s a profound shift that we haven’t quite grasped,” he said, referring to his 10-year forecast. “We’re just scratching the surface on the full kind of set of capabilities that these systems have,” he said at the Milken Institute conference. “That’s going to surprise us.” You can watch/listen to the talk here.

Minor Car Crashes Mean High Tech Repairs

“With all the improvements in car safety over the decades, the recent addition of a plethora of high tech sensors and warnings comes with increased costs,” writes longtime Slashdot reader smooth wombat. “And not just to have to have them on your car. Any time you get into an accident, even a minor one, it will most likely require a detailed examination of any sensors which may have been affected and their subsequent realignment, replacement, and calibration.” CNN reports: Some vehicles require “dynamic calibration,” which means, once the sensors and cameras are back in place, a driver needs to take the vehicle out on real roads for testing. With proper equipment attached the car can, essentially, recalibrate itself as it watches lane lines and other markers. It requires the car to be driven for a set distance at a certain speed but weather and traffic can create problems. “If you’re in Chicago or L.A., good luck getting to that speed,” said [Hami Ebrahimi, chief commercial officer at Caliber] “or if you’re in Seattle or Chicago or New York, with snow, good luck picking up all the road markings.”

More commonly, vehicles need “static calibration,” which can be done using machinery inside a closed workshop with a flat, level floor. Special targets are set up around the vehicle at set distances according to instructions from the vehicle manufacturer. “The car [views] those targets at those specific distances to recalibrate the world into the car’s computer,” Ebrahimi said. These kinds of repairs also demand buildings with open space that meet requirements including specific colors and lighting. And it requires special training for employees to perform these sorts of recalibrations, he said.

“The change that we’ve seen in the last five years is greater than we’ve seen, probably, in the last five decades,” said Todd Dillender, chief operating officer of Caliber Collision, one of the biggest auto body repair companies in the United States with more than 1,700 locations across 41 states. […] With a rapidly changing industry, qualified auto body repair technicians are in short supply, just as they are in the engine repair business. That’s also led to upward pressure on pay in the industry as technicians have to be highly qualified and educated, Dillender said. That’s good for people who work in the industry, of course, but tougher for those who pay, and for the insurance companies who, in turn, pay for the repairs. A new study from consumer automotive group AAA says the cost to fix sensors and cameras in new vehicles “now accounts for more than a third of the post-crash repair costs,” reports CNN. However, “no one, including AAA, recommends not getting these features because of repair costs,” since many of them can cut crash rates in half and improve a car’s overall safety.

“They’re not going to prevent everything,” said Greg Brannon, director of automotive engineering at AAA. “And when you are in a crash, there are additional costs so it’s sort of the old ‘there’s no free ride’ when it comes to these things.”

Stockholm Exergi Lands World’s Largest Permanent Carbon Removal Deal With Microsoft

Swedish energy company Stockholm Exergi and Microsoft have announced a 10-year deal that will provide the tech giant with more than 3.3 million tons of carbon removal certificates through bioenergy with carbon capture and storage. While the value of the deal was not disclosed, it stands as the largest of its kind globally. Carbon Herald reports: Scheduled to commence in 2028 and span a decade, the agreement underscores a pivotal moment in combatting climate change. Anders Egelrud, CEO of Stockholm Exergi, lauded the deal as a “huge step” for the company and its BECCS project, emphasizing its profound implications for climate action. “I believe the agreement will inspire corporations with ambitious climate objectives, and we target to announce more deals with other pioneering companies over the coming months,” he said. Recognizing the imperative of permanent carbon removals in limiting global warming to 1.5C or below, the deal aligns with Microsoft’s ambitious goal of becoming carbon negative by 2030.

“Leveraging existing biomass power plants is a crucial first step to building worldwide carbon removal capacity,” Brian Marrs, Microsoft’s Senior Director of Energy & Carbon Removal, said, highlighting the importance of sustainable biomass sourcing for BECCS projects, as is the case with Stockholm Exergi. The partners will adhere to stringent quality standards, ensuring transparent reporting and adherence to sustainability criteria. The BECCS facility, once operational, will remove up to 800,000 tons of carbon dioxide (CO2) annually, contributing significantly to atmospheric carbon reduction. With environmental permits secured and construction set to commence in 2025, Stockholm Exergi plans to reach the final investment decision by the end of the year.

Novel Attack Against Virtually All VPN Apps Neuters Their Entire Purpose

Researchers have discovered a new attack that can force VPN applications to route traffic outside the encrypted tunnel, thereby exposing the user’s traffic to potential snooping or manipulation. This vulnerability, named TunnelVision, is found in almost all VPNs on non-Linux and non-Android systems. It’s believed that the vulnerability “may have been possible since 2002 and may already have been discovered and used in the wild since then,” reports Ars Technica. From the report: The effect of TunnelVision is “the victim’s traffic is now decloaked and being routed through the attacker directly,” a video demonstration explained. “The attacker can read, drop or modify the leaked traffic and the victim maintains their connection to both the VPN and the Internet.” The attack works by manipulating the DHCP server that allocates IP addresses to devices trying to connect to the local network. A setting known as option 121 allows the DHCP server to override default routing rules that send VPN traffic through a local IP address that initiates the encrypted tunnel. By using option 121 to route VPN traffic through the DHCP server, the attack diverts the data to the DHCP server itself. […]

The attack can most effectively be carried out by a person who has administrative control over the network the target is connecting to. In that scenario, the attacker configures the DHCP server to use option 121. It’s also possible for people who can connect to the network as an unprivileged user to perform the attack by setting up their own rogue DHCP server. The attack allows some or all traffic to be routed through the unencrypted tunnel. In either case, the VPN application will report that all data is being sent through the protected connection. Any traffic that’s diverted away from this tunnel will not be encrypted by the VPN and the Internet IP address viewable by the remote user will belong to the network the VPN user is connected to, rather than one designated by the VPN app.

Interestingly, Android is the only operating system that fully immunizes VPN apps from the attack because it doesn’t implement option 121. For all other OSes, there are no complete fixes. When apps run on Linux there’s a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks. Network firewalls can also be configured to deny inbound and outbound traffic to and from the physical interface. This remedy is problematic for two reasons: (1) a VPN user connecting to an untrusted network has no ability to control the firewall and (2) it opens the same side channel present with the Linux mitigation. The most effective fixes are to run the VPN inside of a virtual machine whose network adapter isn’t in bridged mode or to connect the VPN to the Internet through the Wi-Fi network of a cellular device. You can learn more about the research here.
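For defenders auditing a DHCP lease, the option 121 mechanism described above can be checked directly. The following is an added example, not code from the researchers or the report: it decodes an option 121 payload in the RFC 3442 classless static route encoding and flags pushed routes that would win longest-prefix match over a VPN's routes. The function names, sample bytes and addresses are constructed for illustration.

```python
import ipaddress

def parse_option_121(data: bytes):
    """Decode a DHCP option 121 payload (RFC 3442) into (network, router) pairs."""
    routes, i = [], 0
    while i < len(data):
        plen = data[i]
        if plen > 32:
            raise ValueError(f"invalid prefix length {plen} at offset {i}")
        n = (plen + 7) // 8  # only the significant destination octets are sent
        end = i + 1 + n + 4
        if end > len(data):
            raise ValueError(f"truncated route at offset {i}")
        dest = data[i + 1:i + 1 + n] + bytes(4 - n)  # pad back to 4 octets
        net = ipaddress.IPv4Network((dest, plen), strict=False)
        router = ipaddress.IPv4Address(data[i + 1 + n:end])
        routes.append((net, router))
        i = end
    return routes

def routes_bypassing_vpn(dhcp_routes, vpn_routes, local_net):
    """Return DHCP-pushed routes more specific than a VPN route covering them.

    The routing table prefers the longest matching prefix, so such a route
    carries its traffic over the physical interface instead of the tunnel.
    """
    flagged = []
    for net, router in dhcp_routes:
        if net.subnet_of(local_net):
            continue  # ordinary on-link route for the LAN itself
        if any(net.prefixlen > v.prefixlen and net.subnet_of(v) for v in vpn_routes):
            flagged.append((net, router))
    return flagged

# Constructed sample payload (not captured traffic):
#   0.0.0.0/1      via 192.168.1.50
#   203.0.113.7/32 via 192.168.1.50
#   192.168.1.0/24 via 0.0.0.0 (on-link)
SAMPLE = bytes.fromhex("0100c0a80132" "20cb007107c0a80132" "18c0a80100000000")

# Assumption: the VPN client installed a single default route into the tunnel.
VPN_ROUTES = [ipaddress.IPv4Network("0.0.0.0/0")]
LOCAL_NET = ipaddress.IPv4Network("192.168.1.0/24")

if __name__ == "__main__":
    for net, router in routes_bypassing_vpn(parse_option_121(SAMPLE), VPN_ROUTES, LOCAL_NET):
        print(f"lease pushes {net} via {router}: more specific than the VPN route")
```

The payload bytes can be taken from a lease file or a packet capture of the DHCP ACK; any flagged route on an untrusted network means the tunnel is not carrying that destination's traffic.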

Google Fit Dev APIs Shutdown Set, Fate of Android and Wear OS Apps Go Unannounced

Abner Li reports via 9to5Google: Since the launch of Health Connect in 2022, Google has been winding down the Google Fit developer APIs. Earlier this week, the company fully detailed how the “Google Fit APIs have been deprecated and will be supported until June 30, 2025.” Fitness and exercise apps that previously used Google Fit have until the June 2025 deadline to switch to Health Connect, with Google broadly referring to it as the “Android Health platform.”

Google’s migration guide for developers lists what they’re supposed to switch to on Android phones and Wear OS. However, there is no replacement for the Goals API that lets Google Fit users set “how many steps and heart points they want to aim for each day.” Google says it will “share more details about what’s next for Android Health” at I/O later this month.

As of this API shutdown announcement, Google has said nothing about the Google Fit apps on Android, Wear OS, and iOS. They still work to track activity and house your full archive. […] At this point, it’s clear that Google Fit is not the future. On the Pixel Watch, Fitbit is the default, while Samsung and other Wear OS manufacturers have their own health tracking solutions. If Google were to announce a deprecation of the Fit app, having it coincide with the June 2025 developer deadline makes sense.
